<?php

/**
 * Copyright              [HD框架] (C)2011-2012 houdunwang ，Inc. 
 * Encoding               UTF-8
 * Version                 $Id: rbacControl.php      2012-2-19  18:46:35
 * @author                向军
 * Link                       http://www.houdunwang.com       
 * E-mail                    houdunwang@gmail.com
 */
class rbacControl extends setupControl {

    function index() {
        $this->display();
    }

    //设置配置文件
    function setconfig() {

        $this->assign("config", C());
        $this->display();
    }

    //锁定RBAC配置功能
    function lock() {
        if (file_put_contents("lock.php", '后盾网 人人做后盾')) {
            $this->success("锁定成功");
        } else {
            $this->error("加锁失败，请修改SETUP目录为可写");
        }
    }

    //修改配置项
    function updateconfig() {
        $config = array();
        $config["debug"] = 0;
        $config["ERROR_MESSAGE"] = "系统发生错误..."; //关闭DEBUG时显示的错误内容
        $config["SHOW_NOTICE"] = 1; //提示性错误显示
        $config["SHOW_SYSTEM"] = 1; //显示系统信息
        $config["SHOW_INCLUDE"] = 1; //显示加载文件信息
        $config["db_host"] = $_POST['dbhost'];
        $config["db_port"] = $_POST['dbport'];
        $config["db_user"] = $_POST['dbuser'];
        $config["db_password"] = $_POST['dbpwd'];
        $config["db_database"] = $_POST['dbname'];
        $config["db_prefix"] = $_POST['dbfix'];
        $config["SESSION_PROC_TYPE"] = 'file';
        $str = "<?php \r\n";
        $str.= "if (!defined('PATH_HD'))
    exit;return ";
        $str.=var_export($config, true);
        $str.=" \r\n ?>";
        $configFile = PATH_APP . '/config/config.php';
        if (!file_put_contents($configFile, $str)) {
            $this->error("修改RBAC配置文件失败，请修改文件{$configFile}为777");
        } else {
            if (!$this->checkdb()) {
                $this->error("连接参数不对，请重新设置");
            }
            $this->success("修改配置文件成功");
        }
    }

    function checkdb() {
        C(include PATH_APP . '/config/config.php');
        $host = C("db_host") . ':' . C("db_port");
        $stat = mysql_connect($host, C("db_user"), C("db_password")) ? 1 : 0;
        if (!mysql_select_db(C("db_database"))) {
            $this->error("数据库连接错误，请修改配置项");
        }
        return $stat;
    }

    function createrbactable() {
        if (!$this->checkdb()) {
            $this->error("连接参数不对，请重新设置");
        }
        $this->addrbactable();
    }

    function addrbactable() {
        $sql = file_get_contents(PATH_APP . '/data/rbac.sql');
        C("debug", 1);
        $tbfix = C("db_prefix");
        $sql = str_replace("hd_", $tbfix, $sql);
        $sqlArr = explode(';', $sql);
        $sqlArr = array_filter($sqlArr);
        $db = M();
        foreach ($sqlArr as $v) {
            $db->exe($v);
        }
        $this->success("创建RBAC表完成", 'index/index');
    }

    function addrole() {
        $this->display();
    }

    function showrole() {
        $db = M("role");
        $row = $db->all();
        if (!$row) {
            $this->error("没有任何组(角色)信息，请先设置", "addrole");
        }
        $this->assign("row", $row);
        $this->display();
    }

    function addentrance() {
        c("debug", 1);
        $db = M("role");
        if ($db->add()) {
            $this->success("添加用户组成功");
        } else {
            $this->error("添加失败");
        }
    }

    function delrole() {
        c("debug", 1);
        $db = M("role");
        if ($db->del($_GET['rid'])) {
            $this->success("删除成功");
        } else {
            $this->success("删除失败");
        }
    }

//添加用户视图
    function showadduser() {
        $db = M("role");
        $role = $db->all();
        if (!$role) {
            $this->error("没有用户组(角色)，先添加用户组", "addrole");
        }
        $this->assign("role", $role);
        $this->display();
    }

//添加用户
    function adduser() {
        $db = M("user");
        $_POST['password']=md5($_POST['password']);
        if ($db->add()) {
            $db->table = "user_role";
            $newUid = $db->get_insert_id();
            if (!$newUid) {
                $this->error("添加用户失败，请重试");
            }
            $_POST['uid'] = $newUid;
            $db->add();
            $this->success("添加成功");
        } else {
            $this->error("添加用户失败");
        }
    }

//查看用户
    function showuser() {
        $db = k('user');
        $row = $db->field(array("uid", "username"))->findall();
        if (!$row) {
            $this->error("没有用户信息，请先设置", "showadduser");
        }
        $this->assign("row", $row);
        $this->display();
    }

//删除用户
    function deluser() {
        $db = M("user");
        if ($db->del($_GET['uid'])) {
            $db->table = "user_role";
            if ($db->del("uid=" . $_GET['uid'])) {
                $this->success("删除用户成功");
            }
        } else {
            $this->error("删除用户失败");
        }
    }

    //自动获取节点信息
    function getnode() {
        $this->display();
    }

    function shownode() {
        $rbac = new rbac();
        $node = $rbac->get_node_list();
        if (!$node) {
            $this->error("还没有设置权限节点，请设置", 'showaddnode');
        }
        $this->assign("node", $node);
        $this->display();
    }

    function showaddnode() {

        $level = isset($_GET['level']) ? $_GET['level'] : 0;
        switch ($level) {
            case 0:
                $node = array(
                    array('level' => 1, 'name' => '应用'),
                    array('level' => 2, 'name' => '模块控制器'),
                    array('level' => 3, 'name' => '控制器方法'),
                );
                break;
            case 1:
                $node = array(
                    array('level' => 2, 'name' => '模块控制器'),
                    array('level' => 3, 'name' => '控制器方法'),
                );
                break;
            case 2:
                $node = array(
                    array('level' => 3, 'name' => '控制器方法'),
                );
                break;
            default:
                $this->error("操作错误,当前节点已经是控制器方法，不能再添加");
        }
        $this->assign("node", $node);
        $this->display();
    }

    //删除节点
    function delnode() {
        C("debug", 1);
        $db = M("node");
        $nid = $_GET['nid'];
        if ($db->where("pid=$nid")->find()) {
            $this->error("请先删除子节点");
        }
        if ($db->del($nid)) {
            $this->success('删除成功');
        } else {
            $this->error("删除失败");
        }
    }

    function addnode() {
        $db = M("node");
        if ($db->add()) {
            $this->success("添加节点成功", 'shownode');
        } else {
            $this->error("节点添加失败");
        }
    }
    
    function setaccess() {
        $rid = $_GET['rid'];
        $db = k("role");
        $role = $db->find($rid);
        $this->assign('role', $role);
        $rbac = new rbac();
        $node = $rbac->get_node_list($rid);
        if (!$node) {
            $this->error("还没有设置权限节点，请设置", 'showaddnode');
        }
        $this->assign('node', $node);
        $this->display();
    }

    function addaccess() {
        $db = M("access");
        $db->where("rid=" . $_POST['rid'])->del();
        if (empty($_POST['node'])) {
            $this->success("已经全部删除");
        } else {
            foreach ($_POST['node'] as $v) {
                $db->rid = $_POST['rid'];
                $db->nid = $v;
                $db->add($db);
            }
            $this->success("操作成功");
        }
    }

}

?>
